You can use the vCloud Director API for NSX to manage NSX security tags and their virtual machine assignments. For example, you can create a user-defined security tag, assign tags to a virtual machine, view tags assigned to virtual machines, and view virtual machines that have a specific tag assigned.

API-URL is a URL of the form https://vcloud.example.com/network.

id is a vCloud Director unique identifier in the form of a UUID, as defined by RFC 4122.

# is a small integer used in an NSX object identifier.

Summary of NSX Security Tag Requests

Operation

Request

Request Body

Response

Retrieve all security tags defined in the organization VDC with identifier id.

GET API-URL/services/securitytags/id/tag/

None

list

Retrieve all security tags with tag id id:securitytag-# defined in the organization VDC with identifier id.

GET API-URL/services/securitytags/id/tag/id:securitytag-#

None

list

Create a security tag in the organization VDC with identifier id.

POST API-URL/network/services/securitytags/id/tag

securityTag

200 OK

Delete the security tag with tag id id:securitytag-# defined in the organization VDC with identifier id.

DELETE API-URL/network/services/securitytags/id/tag/id:securitytag-#

None

204 No Content

Retrieve the list of VMs in the organization VDC with identifier id that have the security tag with tag id id:securitytag-# attached.

GET API-URL/network/services/securitytags/id/tag/vm/id:securitytag-#

(Requires NSX 6.3.)

POST API-URL/network/services/securitytags/id/vm/id:securitytag-#

(Requires NSX 6.3.)

DELETE API-URL/network/services/securitytags/id/vm/id:securitytag-#

204 No Content